We claim: 

1 1 . A system for providing a provable chain of evidence for an evidence collection, 

2 comprising: 

3 a security core which provides security functions; 

4 one or more components; 

5 means for operating the security core; 

6 means for securely operably connecting the components to the security core, such that the 

7 security core can vouch for authenticity of each securely operably connected component; 

. ..8 means for recording one or more data streams which comprise the evidence collection, 

i^lp each of the data streams being created by selected ones of the securely operably connected 

^10 components; and 

^ i 1 means for securely providing, for the evidence collection by the security core, an 

;;.12 identification of each of the selected ones which create the recorded data streams. 

^ ] 1 2. The system according to Claim 1, wherein selected ones of the operable connections are 

2 made using one or more buses of the security core, 

1 3. The system according to Claim 1, wherein selected ones of the operable connections are 

2 made using a wireless connection between respective ones of the components and the security 

3 core. 
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1 4. The system according to Claim 3, wherein the wireless connections use Secure Sockets 

2 Layer (SSL) data encryption or an equivalent which provides mutual authentication of both 

3 endpoints, negotiation of a time-limited key agreement with secure passage of a selected 

4 encryption key, and periodic renegotiation of the time-limited key agreement with a new 

5 encryption key. 

1 5. The system according to Claim 1, wherein selected ones of the secure operable 

2 connections are provided when the security core is manufactured. 

1 31 6. The system according to Claim 1, wherein the components comprise one or more of (1) 

5-^l2 input/output components and (2) application processing components. 

r 1 7. The system according to Claim 1, wherein the means for securely operably connecting 
further comprises means for authenticating the operably connected component to the security 

'^=13 core. 



1 8. The system according to Claim 7, wherein the means for authenticating further comprises: 

2 means for providing a unique identifier of the operably connected component to the 

3 security core, along with a digital signature of the unique identifier that is created using a private 

4 key of the operably connected component; and 

5 means for using, by the security core, a public key that is cryptographically associated with 

6 the private key to determine authenticity of the operably connected component. 
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1 9. The system according to Claim 1, wherein the means for securely operably connecting is 

2 activated by a hardware reset of the component, and wherein the hardware reset is activated by 

3 operably connecting of the component, 

1 10. The system according to Claim 7, wherein the means for authenticating are securely stored 

2 on the operably connected component, 

1 11. The system according to Claim 7, further comprising means for authenticating the security 
core to the operably connected component, 

^ ;;i 12. The system according to Claim 1, further comprising means for authenticating a user 

," 2 involved in operating the security core and the operably connected components. 

f, '■ 

;J1 13, The system according to Claim 1, further comprising: 

^ "2 means for detecting whether the selected ones remain operably connected to the security 

3 core during operation of the means for recording; and 

4 means for aborting the recording if one or more of the selected ones fails to remain 

5 operably connected to the security core during operation of the means for recording. 

1 14. The system according to Claim 1, further comprising: 
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2 means for detecting whether the components remain operably connected to the security 

3 core during operation of the means for recording; and 

4 means for marking the evidence collection as not authenticated if one or more of the 

5 components fails to remain operably connected to the security core during operation of the means 

6 for recording. 

1 15. The system according to Claim 7, further comprising: 

2 means for determining whether the selected ones have been authenticated to the security 

3 core; and 

means for aborting the evidence collection if one or more of the selected ones has not been 

5 authenticated to the security core. 



,f 1 16. The system according to Claim 7, further comprising: 

;=ic2 means for determining whether the selected ones have been authenticated to the security 

";r3 core; and 

^ 4 means for marking the evidence collection as not authenticated if one or more of the 

5 selected ones has not been authenticated to the security core. 

1 17. The system according to Claim 7, further comprising: 

2 means for determining whether the selected ones have been authenticated to the security 

3 core; and 
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4 means for suppressing from the evidence collection any data streams created by those ones 

5 of the selected ones that have not been authenticated to the security core, 

1 18. The system according to Claim 1 , wherein the means for securely providing further 

2 comprises means for digitally notarizing, by the security core, the recorded data streams which 

3 comprise the evidence collection. 

1 19. The system according to Claim 1, wherein the means for securely providing further 

2 comprises means for adding another data stream to the evidence collection, wherein the added 
.3 data stream comprises a digital notarization, created by the security core, of the recorded data 

yH streams which comprise the evidence collection, 

„r 1 20. The system according to Claim 18, wherein the means for digitally notarizing fiirther 
comprises: 

3 means for computing, by the security core, a hash value over each of the recorded data 
"4 streams; 

5 means for combining each hash value with a unique identifier of the selected one which 

6 created the recorded data stream for which the hash value was computed, thereby creating a 

7 combination data block; 

8 means for hashing the combination data block; 
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9 means for digitally signing the hashed combination data block with a private cryptographic 

10 key of the security core, wherein the private cryptographic key has a public cryptographic key 

1 1 cryptographically associated therewith; and 

12 means for providing the digitally signed hashed combination data block, along with the 

13 combination data block, as the digital notarization for the recorded data streams which comprise 

14 the e\ddence collection, wherein the digital notarization cryptographically seals contents of the 

15 evidence collection and identities of the selected ones. 

1 21. The system according to Claim 20, wherein: 

!2 the means for computing a hash operates periodically, upon expiration of an elapsed time 

^ 3 value, to compute a hash value over each of a plurality of segments of each recorded data stream; 
'•^ the means for combining, the means for hashing, and the means for digitally signing all 

. 5 operate on the periodically-computed hash values for each recorded data stream; and 
[ -6 the means for providing provides the digitally signed periodically-computed hash values, 

' p along with the periodically-computed hash values, as the digital notarization; and 

fiirther comprising means for inserting an identification of a time corresponding to each of 

9 the periodically-computed hash values at appropriate locations within each of the recorded data 

10 streams, 

1 22. The system according to Claim 2 1 , wherein the means for inserting uses MPEG-4 

2 synchronization timestamping. 
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1 23. The system according to Claim 21, wherein authenticity and integrity of each of the 

2 segments is independently verifiable. 

1 24. The system according to Claim 21, fimher comprising: 

2 means for extracting selected ones of the segments of the recorded data streams; and 

3 means for verifying integrity of the extracted selected ones using the public cryptographic 

4 key of the security core. 

1 25. The system according to Claim 20, further comprising: 
:32 means for extracting selected ones of the recorded data streams; and 

f ^3 means for verifying authenticity of the extracted selected ones using the public 

' S4 cryptographic key of the security core. 

' * 1 26. The system according to Claim 19, further comprising: 

;J 2 means for authenticating a user involved in creating the recorded data streams; and 

^ * 3 means for including an identification of the authenticated user in the digital notarization. 

1 27. The system according to Claim 20, further comprising means for verifying authenticity of 

2 the evidence collection by a receiver of the recorded data streams and the digital notarization, 

3 using a public cryptographic key of the security core, wherein the public cryptographic key is 

4 cryptographically associated with a private cryptographic key that was used by the security core 



RSW920010009US1 



5 to create the digital notarization, and for concluding that the evidence collection is authentic if the 

6 verification succeeds, 

1 28. The system according to Claim 27, wherein the means for verifying authenticity further 

2 comprises concluding that the evidence collection has not been tampered with if the verification 

3 succeeds. 

1 29. The system according to Claim 1, wherein the one or more recorded data streams of the 

2 evidence collection comprise an audio transcript. 

^1 30. The system according to Claim 29, wherein the evidence collection further comprises an 

l;52 identification of participants who are speaking in the audio transcript, wherein identification of the 

3 participants is provided by one of the selected ones. 

3 1 . The system according to Claim 1, wherein at least one of the one or more recorded data 

2 streams of the evidence collection comprises video data. 

1 32. The system according to Claim 1, wherein the one or more recorded data streams of the 

2 evidence collection comprise a photograph and identifying information pertaining to taking the 

3 photograph. 
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1 33 . The system according to Claim 32, wherein the identifying information fiirther comprises 

2 at least one of: (1) a time of day when the photograph was taken; (2) a date when the photograph 

3 was taken; (3) a location where the photograph was taken, (4) a direction of the camera when the 

4 photograph was taken; and (5) settings of the camera when the photograph was taken; wherein 

5 the time, date, and location are provided by one or more of the selected ones. 

1 34. The system according to Claim 1, further comprising: 

2 means for recording an audio transcript by a first selected one of the securely operably 

3 connected components; 

^ -^4 means for converting the audio transcript to a digital data stream by a second selected one 

5 of the securely operably connected components; 

means for digitally notarizing the digital data stream, by the security core; 

, 7 means for using the digital data stream as the recorded data stream of the evidence 

-^^8 collection; and 

; i9 means for using the digital notarization as the securely provided identification. 



1 35. The system according to Claim 34, wherein the means for digitally notarizmg fiirther 

2 comprise: 

3 means for computing a hash of the digital data stream; 

4 means for combining the hash and a unique identifier of each of the first selected one and 

5 the second selected one, thereby creating a data block; 

6 means for hashing the data block; and 
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7 means for digitally signing the hash of the data block using a private cryptographic key of 

8 the security core. 

1 36. The system according to Claim 33, wherein the location is provided by one of the selected 

2 ones which is a global positioning satellite receiver. 

1 37. A method of creating a provable cham of evidence for an evidence collection, comprising 

2 steps of 

3 providing a security core which provides security functions; 

hM securely operably connecting one or more components to the security core, such that the 

^ % security core can vouch for authenticity of each securely operably connected component; 
^ g6 recording one or more data streams which comprise the evidence collection, each of the 

77 data streams being created by selected ones of the securely operably connected components; and 
|l8 securely providing, for the evidence collection by the security core, an identification of 

: l9 each of the selected ones which create the recorded data streams. 

1 38. The method according to Claim 37, wherein selected ones of the operable connections are 

2 made using one or more buses of the security core. 

1 39. The method according to Claim 37, wherein selected ones of the operable connections are 

2 nmde using a wireless connection between respective ones of the components and the security 

3 core. 
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40. The method according to Claim 39, wherein the wireless connections use Secure Sockets 
Layer (SSL) data encryption or an equivalent which provides mutual authentication of both 
endpoints, negotiation of a time-limited key agreement with secure passage of a selected 
encryption key, and periodic renegotiation of the time-limited key agreement with a new 
encryption key. 

4L The method according to Claim 37, wherein selected ones of the secure operable 
connections are provided when the security core is manufactured. 

42. The method according to Claim 37, wherein the components comprise one or more of (1) 
input/output components and (2) application processing components, 

43. The system according to Claim 37, wherein the step of securely operably connecting 
further comprises the step of authenticating the operably connected component to the security 
core, 

44. The method according to Claim 43, wherein the authenticating step further comprises the 
steps of 

providing a unique identifier of the operably connected component to the security core, 
along with a digital signature of the unique identifier that is created using a private key of the 
operably connected component; and 
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using, by the security core, a public key that is cryptographically associated with the 
private key to determine authenticity of the operably connected component. 

45. The method according to Claim 37, wherein the step of securely operably connecting is 
activated by a hardware reset of the component, and wherein the hardware reset is activated by 
operably connecting of the component. 

46. The method according to Claim 43, wherein instructions for performing the authenticating 
step are securely stored on the operably connected component. 

47. The method according to Claim 43, fiirther comprising the step of authenticating the 
security core to the operably connected component. 

48. The method according to Claim 37, further comprising the step of authenticating a user 
involved in operating the security core and the operably connected components. 

49. The method according to Claim 37, further comprising steps of 

detecting whether the components remain operably connected to the security core during 
operation of the recording step; and 

aborting the recording if one or more of the components fails to remain operably 
connected to the security core during operation of the recording step. 
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1 50. The method according to Claim 37, further comprising steps of: 

2 detecting whether the selected ones remain operably connected to the security core during 

3 operation of the recording step; and 

4 marking the evidence collection as not authenticated if one or more of the selected ones 

5 fails to remain operably connected to the security core during operation of the recording step. 

1 51. The method according to Claim 43, further comprising steps of: 

2 determining whether the selected ones have been authenticated to the security core; and 

3 aborting the evidence collection if one or more of the selected ones has not been 
\M authenticated to the security core. 

^ 52. The method according to Claim 43, fijrther comprising steps of 
"2 determining whether the selected ones have been authenticated to the security core; and 

\'^3 marking the evidence collection as not authenticated if one or more of the selected ones 

=4 has not been authenticated to the security core. 

1 53. The method according to Claim 43, further comprising steps of 

2 determining whether the selected ones have been authenticated to the security core; and 

3 suppressing from the evidence collection any data streams created by those ones of the 

4 selected ones that have not been authenticated to the security core. 
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1 54. The method according to Claim 37, wherein the step of securely providing fiirther 

2 comprises the step of digitally notarizing, by the security core, the recorded data streams which 

3 comprise the evidence collection. 

1 55. The method according to Claim 37, wherein the step of securely providing further 

2 comprises the step of adding another data stream to the evidence collection, wherein the added 

3 data stream comprises a digital notarization, created by the security core, of the recorded data 

4 streams which comprise the evidence collection. 

= 'Si 56. The method according to Claim 54, wherein the digitally notarizing step further comprises 

'^2 steps of 

l!j computing, by the security core, a hash value over each of the recorded data streams; 

4 combining each hash value with a unique identifier of the selected one which created the 

=^5 recorded data stream for which the hash value was computed, thereby creating a combination data 

% block; 

' 7 hashing the combination data block; 

8 digitally signing the hashed combination data block with a private cryptographic key of the 

9 security core, wherein the private cryptographic key has a public cryptographic key 

10 cryptographically associated therewith; and 

1 1 providing the digitally signed hashed combination data block, along with the combination 

12 data block, as the digital notarization for the recorded data streams which comprise the evidence 
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13 collection, wherein the digital notarization cryptographically seals contents of the evidence 

14 collection and identities of the selected ones. 

1 57. The method according to Claim 56, wherein: 

2 the step of computing a hash operates periodically, upon expiration of an elapsed time 

3 value, to compute a hash value over each of a plurality of segments of each recorded data stream; 

4 the combining step, the hashing step, and the digitally signing step all operate on the 

5 periodically-computed hash values for each recorded data stream; and 

6 the providing step provides the digitally signed periodically-computed hash values, along 
il7 with the periodically-computed hash values, as the digital notarization; and 

fijrther comprising the step of inserting an identification of a time corresponding to each of 

j;^ the periodically-computed hash values at appropriate locations within each of the recorded data 

Jo streams. 

■^1 58. The method according to Claim 57, wherein the inserting step uses MPEG-4 

' "2 synchronization timestamping. 

1 59. The method according to Claim 57, wherein authenticity and integrity of each of the 

2 segments is independently verifiable. 

1 60. The method according to Claim 57, fiarther comprising steps of 

2 extracting selected ones of the segments of the recorded data streams; and 
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verifying integrity of the extracted selected ones using the public cryptographic key of the 
security core. 



1 61. The method according to Claim 56, fiirther comprising steps of 

2 extracting selected ones of the recorded data streams; and 

3 verifying authenticity of the extracted selected ones using the public cryptographic key of 

4 the security core. 

1 62. The method according to Claim 55, further comprising steps of 
Is authenticating a user involved in creating the recorded data streams; and 

^^ 3 including an identification of the authenticated user in the digital notarization. 

" 1 63, The method according to Claim 56, further comprising the step of verifying authenticity of 

: =^ 2 the evidence collection by a receiver of the recorded data streams and the digital notarization, 

::G using a public cryptographic key of the security core, v^herein the public cryptographic key is 

' 4 cryptographically associated with a private cryptographic key that was used by the security core 

5 to create the digital notarization, and concluding that the evidence collection is authentic if the 

6 verification succeeds. 

1 64. The method according to Claim 63, wherein the step of verifymg authenticity further 

2 comprises concluding that the evidence collection has not been tampered with if the verification 

3 succeeds. 
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1 65. The method according to Claim 37, wherein the one or more recorded data streams of the 

2 evidence collection comprise an audio transcript. 

1 66. The method according to Claim 65, wherein the evidence collection fixrther comprises an 

2 identification of participants who are speaking in the audio transcript, wherein identification of the 

3 participants is provided by one of the selected ones. 

1 67. The method according to Claim 37, wherein at least one of the one or more recorded data 
; :;2 streams of the evidence collection comprises video data, 

68, The method according to Claim 37, wherein the one or more recorded data streams of the 
, 2 evidence collection comprise a photograph and identifying information pertaining to taking the 
photograph. 

^ ' 1 69. The method according to Claim 68, wherein the identifying information fiirther comprises 

2 at least one of (1) a time of day when the photograph was taken; (2) a date when the photograph 

3 was taken; (3) a location where the photograph was taken; (4) a direction of the camera when the 

4 photograph was taken; and (5) settings of the camera when the photograph was taken; wherein 

5 the time, date, and location are provided by one or more of the selected ones. 

1 70, The method according to Claim 37, fUrther comprising steps of 
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2 recording an audio transcript by a first selected one of the securely operably connected 

3 components; 

4 converting the audio transcript to a digital data stream by a second selected one of the 

5 securely operably connected components; 

6 digitally notarizdng the digital data stream, by the security core; 

7 using the digital data stream as the recorded data stream of the evidence collection; and 

8 using the digital notarization as the securely provided identification. 

1 71 . The method according to Claim 70, wherein the digitally notarizing step fiirther comprises 
steps of 

; = 3 computing a hash of the digital data stream; 

[ ;:;4 combining the hash and a unique identifier of each of the first selected one and the second 

J 5 selected one, thereby creating a data block; 

hashing the data block; and 
\7 digitally signing the hash of the data block using a private cryptographic key of the 

^ '8 security core, 

1 72, The method accordmg to Claim 69, wherein the location is provided by one of the selected 

2 ones which is a global positioning satellite receiver. 
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73. A computer program product for providing a provable chain of evidence for an evidence 
collection, the computer program product embodied on one or more computer-readable media 
and comprising: 

computer-readable program code means for operating a security core which provides 
security fimctions; 

computer-readable program code means for securely operably connecting one or more 
components to the security core, such that the security core can vouch for authenticity of each 
securely operably connected component; 

computer-readable program code means for recording one or more data streams which 
comprise the evidence collection, each of the data streams being created by selected ones of the 
securely operably connected components; and 

computer-readable program code means for securely providing, for the evidence collection 
by the security core, an identification of each of the selected ones which create the recorded data 
streams. 

74. The computer program product according to Claim 73, wherein selected ones of the 
operable connections are made using one or more buses of the security core. 

75. The computer program product according to Claim 73, wherein selected ones of the 
operable connections are made using a wireless connection between respective ones of the 
components and the security core. 
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1 76. The computer program product according to Claim 75, wherein the wireless connections 

2 use Secure Sockets Layer (SSL) data encryption or an equivalent which provides mutual 

3 authentication of both endpoints, negotiation of a time-limited key agreement with secure passage 

4 of a selected encryption key, and periodic renegotiation of the time-limited key agreement with a 

5 new encryption key. 

1 77. The computer program product according to Claim 73, wherein selected ones of the 

2 secure operable connections are provided when the security core is manufactured, 

78. The computer program product according to Claim 73, wherein the components comprise 
• one or more of (1) input/output components and (2) application processing components. 

J 1 79. The computer program product according to Claim 73, wherein the computer-readable 

I ^ program code means for securely operably connecting further comprises computer-readable 

:lj program code means for authenticating the operably connected component to the security core. 

1 80. The computer program product according to Claim 79, wherein the computer-readable 

2 program code means for authenticating further comprises: 

3 computer-readable program code means for providing a unique identifier of the operably 

4 connected component to the security core, along with a digital signature of the unique identifier 

5 that is created using a private key of the operably connected component; and 
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6 computer-readable program code means for using, by the security core, a public key that is 

7 cryptographically associated with the private key to determine authenticity of the operably 

8 connected component. 

1 81, The computer program product according to Claim 73, wherein the computer-readable 

2 program code means for securely operably connecting is activated by a hardware reset of the 

3 component, and wherein the hardware reset is activated by operably connecting of the 

4 component. 

: In 82. The computer program product according to Claim 79, wherein the computer-readable 
^ program code means for authenticating are securely stored on the operably connected component. 

ri 83. The computer program product according to Claim 79, further comprising computer- 

i iii2 readable program code means for authenticating the security core to the operably connected 

;€ component. 

1 84. The computer program product according to Claim 73, further comprising computer- 

2 readable program code means for authenticating a user involved in operating the security core and 

3 the operably connected components. 

1 85, The computer program product according to Claim 73, further comprising: 
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2 computer-readable program code means for detecting whether the selected ones remain 

3 operably connected to the security core during operation of the computer-readable program code 

4 means for recording; and 

5 computer-readable program code means for aborting the recording if one or more of the 

6 selected ones fails to remain operably connected to the security core during operation of the 

7 computer-readable program code means for recording, 

1 86, The computer program product according to Claim 73, fiirther comprising: 

2 computer-readable program code means for detecting whether the components remain 

;3 operably connected to the security core during operation of the computer-readable program code 

:^ 4 means for recording; and 

'' ;:5 computer-readable program code means for marking the evidence collection as not 

6 authenticated if one or more of the components fails to remain operably connected to the security 

s i^7 core during operation of the computer-readable program code means for recording. 



' 1 87. The computer program product according to Claim 79, fiirther comprising: 

2 computer-readable program code means for determining whether the selected ones have 

3 been authenticated to the security core; and 

4 computer-readable program code means for aborting the evidence collection if one or 

5 more of the selected ones has not been authenticated to the security core. 



1 



88. The computer program product according to Claim 79, fiirther comprising: 
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2 computer-readable program code means for determining whether the selected ones have 

3 been authenticated to the security core; and 

4 computer-readable program code means for marking the evidence collection as not 

5 authenticated if one or more of the selected ones has not been authenticated to the security core. 

1 89. The computer program product according to Claim 79, forther comprising: 

2 computer-readable program code means for determining whether the selected ones have 

3 been authenticated to the security core; and 

4 computer-readable program code means for suppressing from the evidence collection any 
\i3 data streams created by those ones of the selected ones that have not been authenticated to the 

; 6 security core. 

90. The computer program product according to Claim 73, wherein the computer-readable 

; 1:2 program code means for securely providing further comprises computer-readable program code 

S3 means for digitally notarizing, by the security core, the recorded data streams which comprise the 

^ 4 evidence collection. 

1 91 . The computer program product according to Claim 73, wherein the computer-readable 

2 program code means for securely providing forther comprises computer-readable program code 

3 means for adding another data stream to the evidence collection, wherein the added data stream 

4 comprises a digital notarization, created by the security core, of the recorded data streams which 

5 comprise the evidence collection. 
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1 92. The computer program product according to Claim 90, wherein the computer-readable 

2 program code means for digitally notarizing further comprises: 

3 computer-readable program code means for computing, by the security core, a hash value 

4 over each of the recorded data streams; 

5 computer-readable program code means for combining each hash value with a unique 

6 identifier of the selected one which created the recorded data stream for which the hash value was 

7 computed, thereby creating a combination data block; 

8 computer-readable program code means for hashing the combination data block; 
computer-readable program code means for digitally signing the hashed combination data 

Wo block with a private cryptographic key of the security core, wherein the private cryptographic key 

% has a public cryptographic key cryptographically associated therewith; and 
ft computer-readable program code means for providing the digitally signed hashed 

|l3 combination data block, along vAth the combination data block, as the digital notarization for the 

M recorded data streams which comprise the evidence collection, wherein the digital notarization 

^ f 5 cryptographically seals contents of the evidence collection and identities of the selected ones. 

1 93 . The computer program product according to Claim 92, wherein: 

2 the computer-readable program code means for computing a hash operates periodically, 

3 upon expiration of an elapsed time value, to compute a hash value over each of a plurality of 

4 segments of each recorded data stream; 
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5 the computer-readable program code means for combining, the computer-readable 

6 program code means for hashing, and the computer-readable program code means for digitally 

7 signing all operate on the periodically-computed hash values for each recorded data stream; and 

8 the computer-readable program code means for providing provides the digitally signed 

9 periodically-computed hash values, along with the periodically-computed hash values, as the 

10 digital notarization; and 

1 1 further comprising computer-readable program code means for inserting an identification 

12 of a time corresponding to each of the periodically-computed hash values at appropriate locations 

1 3 within each of the recorded data streams. 



; 94. The computer program product according to Clmm 93, wherem the computer-readable 

; :2 program code means for inserting uses MPEG-4 synchronization timestamping. 

ik 95 . The computer program product according to Claim 93 , wherein authenticity and integrity 
of each of the segments is independently verifiable, 

1 96. The computer program product according to Claim 93, fijrther comprising: 

2 computer-readable program code means for extracting selected ones of the segments of 

3 the recorded data streams; and 

4 computer-readable program code means for verifying integrity of the extracted selected 

5 ones using the public cryptographic key of the security core. 
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1 97. The computer program product according to Claim 92, fijrther comprising: 

2 computer-readable program code means for extracting selected ones of the recorded data 

3 streams; and 

4 computer-readable program code means for verifying authenticity of the extracted selected 

5 ones using the public cryptographic key of the security core. 

1 98. The computer program product according to Claim 91, fiirther comprising: 

2 computer-readable program code means for authenticating a user involved in creating the 

3 recorded data streams; and 

is computer-readable program code means for including an identification of the authenticated 

; ^ 5 user in the digital notarization. 

99. The computer program product according to Claim 92, ftirther comprising computer- 

'^2 readable program code means for verifying authenticity of the evidence collection by a receiver of 

;:3 the recorded data streams and the digital notarization, using a public cryptographic key of the 

' "4 security core, wherein the public cryptographic key is cryptographically associated with a private 

5 cryptographic key that was used by the security core to create the digital notarization, and for 

6 concluding that the evidence collection is authentic if the verification succeeds. 

1 100, The computer program product according to Claim 99, wherein the computer-readable 

2 program code means for verifying authenticity fiirther comprises concluding that the evidence 

3 collection has not been tampered with if the verification succeeds. 
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1 lOL The computer program product according to Claim 73, wherein the one or more recorded 

2 data streams of the evidence collection comprise an audio transcript. 

1 102. The computer program product according to Claim 101, wherein the evidence collection 

2 further comprises an identification of participants who are speaking in the audio transcript, 

3 wherein identification of the participants is provided by one of the selected ones. 

1 103 . The computer program product according to Claim 73, wherein at least one of the one or 

i 2 more recorded data streams of the evidence collection comprises video data. 

% 104. The computer program product according to Claim 73, wherein the one or more recorded 

r 2 data streams of the evidence collection comprise a photograph and identifying information 

1- 3 pertaining to taking the photograph. 

1 1 05 . The computer program product according to Claim 1 04, wherein the identifying 

2 information further comprises at least one of (1) a time of day when the photograph was taken; 

3 (2) a date when the photograph was taken; (3) a location where the photograph was taken;(4) a 

4 direction of the camera when the photograph was taken; and (5) settings of the camera when the 

5 photograph was taken; wherein the time, date, and location are provided by one or more of the 

6 selected ones. 
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1 106. The computer program product according to Claim 73, forther comprising: 

2 computer-readable program code means for recording an audio transcript by a first 

3 selected one of the securely operably connected components; 

4 computer-readable program code means for converting the audio transcript to a digital 

5 data stream by a second selected one of the securely operably connected components; 

6 computer-readable program code means for digitally notarizing the digital data stream, by 

7 the security core; 

8 computer-readable program code means for using the digital data stream as the recorded 

9 data stream of the evidence collection; and 

computer-readable program code means for using the digital notarization as the securely 

1 1 provided identification. 



r 1 107. The computer program product according to Claim 106, wherein the computer-readable 

: -2 program code means for digitally notarizing fixrther comprise: 

computer-readable program code means for computing a hash of the digital data stream; 
^ "4 computer-readable program code means for combining the hash and a unique identifier of 

5 each of the first selected one and the second selected one, thereby creating a data block; 

6 computer-readable program code means for hashing the data block; and 

7 computer-readable program code means for digitally signing the hash of the data block 

8 using a private cryptographic key of the security core. 
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1 108. The computer program product according to Claim 105, wherein the location is provided 

2 by one of the selected ones which is a global positioning satellite receiver, 

1 109, A method of doing business by creating a provable chain of evidence for an evidence 

2 collection, comprising steps of: 

3 operating a security core which provides security fimctions; 

4 securely operably connecting one or more components to the security core, such that the 

5 security core can vouch for authenticity of each securely operably connected component; 

6 authenticating selected ones of the components to the security core, thereby securely 

^■31 operably connecting the selected ones, using a unique identifier of each selected one along with a 

J^^ digital signature of the unique identifier that is created using a private key of the selected one and 

" using, by the security core, a public key that is cryptographically associated with the private key 

, J O to determine authenticity of the operably connected component; 

|#1 recording one or more data streams which comprise the evidence collection, the data 

J2 streams being created by at least one of the selected ones; and 

" f3 digitally notarizing, by the security core, the recorded data streams which comprise the 

14 evidence collection, 

1 110. The method according to Claim 1 09, wherein the digitally notarizing step further 

2 comprises steps of: 

3 computing, by the security core, a hash value over each of the recorded data streams; 
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combining each hash value with a unique identifier of the selected one which created the 
recorded data stream for which the hash value was computed, thereby creating a combination data 
block; 

hashing the combination data block; 

digitally signing the hashed combination data block with a private cryptographic key of the 
security core, wherein the private cr5T>tographic key has a public cryptographic key 
cryptographically associated therewith; and 

providing the digitally signed hashed combination data block, along with the combination 
data block, as the digital notarization for the recorded data streams which comprise the evidence 
collection, wherein the digital notarization cryptographically seals contents of the evidence 
collection and identities of the selected ones which created the recorded data streams of the 
evidence collection. 
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